Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:PHorde Imp
APPHorde2.02.22.2.12.2.22.2.32.2.42.2.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
References
Related vulnerabilities
CVE-2003-0025HIGH7.5ten sam produkt
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized...
CVE-2002-0181HIGH7.5ten sam produkt
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to exe...
CVE-2012-6640MEDIUM4.3ten sam produkt
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde ...
CVE-2012-5565MEDIUM4.3ten sam produkt
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0...
CVE-2012-0791MEDIUM4.3ten sam produkt
Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP before 5.0.18 and Horde Groupware Webmail Edi...